package com.backstage.controller;

import com.backstage.common.annotation.log.Operate;
import com.backstage.common.base.bean.Message;
import com.backstage.common.base.enum_bean.LogType;
import com.backstage.common.uitil.DES_3;
import com.backstage.common.uitil.VerifyCodeUtils;
import com.backstage.configuration.shiro.CustomToken;
import com.backstage.entity.Menu;
import com.backstage.entity.User;
import com.backstage.service.LoginService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;

/**
 * @Project authority
 * @Package com.backstage.controller
 * @Data 2017/7/10下午 3:45.
 * @Aurhor 阮雪峰
 */
@RequestMapping("/authority")
@Controller
public class LoginController extends BaseController {

    @Resource(name = "loginService")
    private LoginService loginService;

    /**
     * 获取验证码
     * @param req
     * @param resp
     * @return
     * @throws IOException
     */
    @RequestMapping(value = "/authImage", method = RequestMethod.GET)
    public ModelAndView authImage(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        resp.setHeader("Pragma", "No-cache");
        resp.setHeader("Cache-Control", "no-cache");
        resp.setDateHeader("Expires", 0);
        resp.setContentType("image/jpeg");

        //生成随机字串
        String verifyCode = VerifyCodeUtils.generateVerifyCode(4);

        //存入会话session
        Subject subject = SecurityUtils.getSubject();
        subject.getSession().setAttribute("rand", verifyCode.toLowerCase());

        //生成图片
        int w = 400, h = 200;
        VerifyCodeUtils.outputImage(w, h, resp.getOutputStream(), verifyCode);
        return null;
    }

    /**
     * 登录
     * @param user
     * @return
     */
    @Operate(value = "登录", logType = LogType.other)
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public Message sign(User user, HttpServletResponse response){
        response.setHeader("Access-Control-Allow-Origin", "*");
        Subject subject = SecurityUtils.getSubject();
        //UsernamePasswordToken token = new UsernamePasswordToken(user.getUser_name(), user.getPassword());
        CustomToken token = new CustomToken(user.getUser_name(), user.getPassword(), user.getVerifyCode());
        subject.login(token);// 会交给AuthorityRealm中的doGetAuthenticationInfo方法去验证
        return Message.LOGIN_SUCCESS;
    }

    /**
     * 退出登录
     * @return
     */
    @Operate(value = "退出登录", logType = LogType.other)
    @RequestMapping(value = "/logout", method = RequestMethod.POST)
    @ResponseBody
    public Message logout(){
        Subject subject = SecurityUtils.getSubject();
        if(subject != null){
            subject.logout();
        }
        return Message.LOGOUT_SUCCESS;
    }

    /**
     * 获取登录用户的用户名
     * @param req
     * @return
     */
    @RequestMapping("/getLoginUser")
    @ResponseBody
    public User getLoginUser(HttpServletRequest req){
        User u = new User();
        u.setUser_name(super.getLoginUser().getUser_name());
        return u;
    }

    /**
     * 获取权限
     * @return
     */
    @RequestMapping(value = "/getLoginUserPower", method = RequestMethod.POST)
    @ResponseBody
    public List<Menu> getLoginUserPower(){
        return loginService.getLoginUserPower(super.getLoginUser());
    }

    /**
     * 锁屏
     * @return
     */
    @RequestMapping(value = "/lockScreen", method = RequestMethod.POST)
    @ResponseBody
    public Message lockScreen(){
        SecurityUtils.getSubject().getSession().setAttribute("lockScreenState", true);
        return Message.LOCKSCREEN_SUCCESS;
    }

    /**
     * 解锁
     * @return
     */
    @RequestMapping(value = "/unlockScreen", method = RequestMethod.POST)
    @ResponseBody
    public Message unlockScreen(User user){
        User loginUser = super.getLoginUser();
        String password = DES_3.decryptBy3DES(loginUser.getPassword(), loginUser.getDes_key());
        if(password.equals(user.getPassword())){
            SecurityUtils.getSubject().getSession().setAttribute("lockScreenState", false);
            return Message.UNLOCKSCREEN_SUCCESS;
        }else{
            return Message.PASSWORD_ERROR;
        }
    }

    /**
     * 查询锁屏是否锁定
     * @return
     */
    @RequestMapping(value = "/getLockScreenState", method = RequestMethod.POST)
    @ResponseBody
    public boolean getLockState(){
        return (boolean) SecurityUtils.getSubject().getSession().getAttribute("lockScreenState");
    }

}
